On Thu, Oct 18, 2012 at 11:14:03AM +0000, Duane Hill wrote:
> On Thursday, October 18, 2012 at 11:03:06 UTC,
> s...@hardwarefreak.com confabulated:
>
> > On 10/18/2012 4:08 AM, Reindl Harald wrote:
> >> I am not so familiar with dnsmasq but have a good experience
> >> with it to do tricks like "i need the content of /etc/hosts
> >> via DNS for apache trafficserver without breaking the normal
> >> dns-resolution of the host"
> >>
> >> maybe place the rbl-program on a virtual interface and
> >> some tricks with dnsmasq can be the solution - only a
> >> hint where you may look
>
> > It would certainly help if the OP would divulge which dnsbls
> > he's obtaining his rbldnsd files from. If it's standard fare,
> > he should be able to obtain standard BIND format files from the
> > vendor (or open source project) instead of rbldnsd format. Then
> > he should be able to simply host the zones on his two resolvers.
>
> BIND and rbldnsd work perfectly happy together here. BIND
> forwards the queries off to rbldnsd with rbldnsd running on
> a different port.

Yes, the problem seems to be that the OP has not understood the
necessity of having another DNS implementation running in addition
to rbldnsd. For a DNSBL, rbldnsd has features which make it
preferable over named and others, but it can't take the place of a
more complete implementation.

I'm voting with Duane here: go with rbldnsd on an alternate port,
and have BIND named on *:53 udp/tcp. Configure your DNSBL zone as a
"type forward" in named.conf(5).

Lose the global forwarders altogether. This becomes particularly
important if/when the OP needs to make any external DNSBL queries,
i.e., to Zen or BRBL, or any other limited-access DNSBL. It will
probably improve matters in any case.

If there is some special reason to use forwarders, dnsmasq becomes a
viable alternative for *:53 udp/tcp. But since a good reason would
include the fact that the OP or his organization is running those
forwarders, he might as well implement the rbldnsd there and be
done.
-- 
  http://rob0.nodns4.us/ -- system administration and consulting
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
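
The layout recommended in the message above, as an added named.conf sketch that is not part of the original thread. The zone name `dnsbl.example.org`, the loopback address, port 5353 and the data file path are all assumptions chosen for illustration.

```conf
// named.conf fragment (added example; names, address and port are assumed).
//
// rbldnsd is assumed to be started separately on an alternate port, e.g.:
//   rbldnsd -b 127.0.0.1/5353 dnsbl.example.org:ip4set:/var/lib/rbldns/list
// It answers only for the DNSBL zone and does no recursion.

options {
    // named owns *:53 udp/tcp and resolves everything else itself.
    listen-on { any; };
    recursion yes;

    // Limit who may use this resolver recursively (assumed local networks).
    allow-recursion { 127.0.0.0/8; 192.0.2.0/24; };

    // No global "forwarders" statement here: queries to external,
    // limited-access DNSBLs then originate from this host's own address
    // instead of from a shared upstream resolver.

    // If DNSSEC validation is enabled and the local DNSBL zone is unsigned,
    // BIND 9.14 and later can exempt it:
    //   validate-except { "dnsbl.example.org"; };
};

// Only the local DNSBL zone is handed to rbldnsd.
zone "dnsbl.example.org" {
    type forward;
    forward only;                         // never fall back to recursion
    forwarders { 127.0.0.1 port 5353; };  // rbldnsd on the alternate port
};
```

Running `named-checkconf` on the file validates the syntax before reloading named.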